Feature #8204: firewall: support for hot reload of firewall mode rules - Suricata - Open Information Security Foundation

Feature #8204

Rule reloading without restarts is not yet supported for firewall mode rules. 

 rules, even though it is for the older IPS/IDS rule types.  

 This implies that users need to restart Suricata whenever there is a need for to update firewall mode rules, and this can cause interruptions to packet processing, packet losses and cause flows to be re-categorized as midstream.  

 It would be useful to have some in built support to hot-reload firewall mode rules (similar to what exists for the existing IPS/IDS rules) without need for restarts.

Back

Project

General

Profile

Suricata

Feature #8204